Intrusion Prevention



This indicates an attack attempt to exploit a Denial of Service vulnerability in Apache HTTP Server.
The vulnerability caused by an error when the mod_http2 module handles a HTTP/2 request with crafted CONTINUATION frames. A remote attacker may be able to crash vulnerable web server via a HTTP request.

Affected Products

Apache HTTP Server 2.4.17 through 2.4.23


Denial of Service : Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References